Critical XRP Ledger Bug in Batch Amendment Could Have Drained User Wallets

News By Alex Dovbnya Fri, 27/02/2026 - 6:02 A major logic flaw within the XRP Ledger (XRPL) codebase has been narrowly averted, preventing an exploit that would have enabled unauthorized fund transfers and account deletions.. Advertisement

A severe logic flaw within the XRP Ledger (XRPL) codebase was narrowly averted this month, a recent blog post states. 

Advertisement

Security researchers discovered a vulnerability that could have allowed attackers to drain user wallets without needing their private keys.

The bug, which was spotted in the proposed "Batch" amendment (XLS-56), was identified earlier this month by independent researcher Pranamya Keshkamat and an autonomous AI security tool named Apex. 

HOT Stories Critical XRP Ledger Bug in Batch Amendment Could Have Drained User Wallets Crypto Market Review: XRP Volatility Squeeze is a $2 Recipe, Will Dogecoin (DOGE) Zero Removal Happen in February? Shiba Inu (SHIB) Bullruns Aren't Possible Yet

The amendment was still in its voting phase and had not been activated on the XRPL mainnet. Hence, no user funds were at risk or lost.

Advertisement

The vulnerability explained 

The Batch amendment would allow multiple "inner" transactions to be grouped together.

These inner transactions are intentionally left unsigned in order to save processing power. Instead, authorization is delegated to the outer batch's list of signers.

A critical loop error caused a major vulnerability in the process of calling signers.

Advertisement

You Might Also Like Tue, 02/24/2026 - 14:24 XRPL Payments Spike 200% Despite XRP's Market Downturn ByArman Shirinyan

If the system encountered a signer for an account that did not yet exist on the ledger, and the signing key matched that new account, the system immediately declared the validation a success. It then exited the loop early, avoiding validator checks. 

A specific sequence of batched transactions could have been used by the attacker to exploit the aforementioned vulnerability. 

Had the Batch amendment been activated on the mainnet before this discovery, the XRPL ecosystem would have potentially suffered a severe blow. An attacker could have stolen funds, modified the ledge state, and destabilized the ecosystem. 

Earlier this week, developers released the Rippled 3.1.1 reference server software. This emergency patch explicitly marks the Batch amendment as unsupported, 

A comprehensive fix that removes the early-exit loop and adds tighter authorization guards has been developed. It is currently undergoing rigorous peer review. 

#Ripple News #XRP Ledger Advertisement

Related articles

Crypto Market ReviewNewsPrice Analysis Feb 27, 2026 - 0:01 Crypto Market Review: XRP Volatility Squeeze is a $2 Recipe, Will Dogecoin (DOGE) Zero Removal Happen in February? Shiba Inu (SHIB) Bullruns Aren't Possible Yet ByArman Shirinyan Crypto News DigestNews Feb 26, 2026 - 22:00 XRP Sees 6% Increase as Bollinger Bands Signal Momentum, Bitcoin ETFs Record Renewed Inflows, 549 Billion SHIB Enter Circulation — U.Today Crypto Digest ByDan Burgin